Overview

overview

10

Static

static

10

84d952648c...kes118

ubuntu-20.04-amd64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    84d952648c8b04ae92d8ae5c590bb796_JaffaCakes118

  • Size

    549KB

  • MD5

    84d952648c8b04ae92d8ae5c590bb796

  • SHA1

    226678d94699643f98278f12fc75ee2e91cb35ca

  • SHA256

    26afd8aa5395d48d260804313103452ffe2248d7820d0c688f19b9e2532f86d2

  • SHA512

    c5eade8014054e73800aa2776509eef9a851f61c34fca60132f1db534706a7cccbff2ed4a21d10b2a39602a3843f24792a8bf362b1655a88048af740a84b2f60

  • SSDEEP

    12288:VeRvuKqiVZ4En5drNK0pPEfJKlHZ8mG97Qxee6yzmx:VIv/qiVNHNDEfJKHZ8mG9QeeO

Score
10/10
xorddos

Malware Config

Extracted

Family

xorddos

C2

p6.2017fly.com:21

p6.2017fly.com:80

p6.2018fly.com:21

p6.2018fly.com:80

p6.sb1024.net:21

p6.sb1024.net:80

http://fuck.2017fly.com/i.php
Attributes
  • crc_polynomial

    CDB88320

xor.plain

Signatures

  • XorDDoS payload 1 IoCs
  • Xorddos family
    xorddos

Files

  • 84d952648c8b04ae92d8ae5c590bb796_JaffaCakes118
    .elf linux x86